On Saturday 14 Jun 2003 12:30 pm, manolis wrote: > well I fought with named, shorewall, conf files and finally I made internet > sharing manually to work!!!!! > > One question: > in my policy file of shorewall i edited like this to have samba and > internet sharing all together. > > masq net ACCEPT > loc net ACCEPT > fw net ACCEPT > fw masq ACCEPT > masq fw ACCEPT > net all DROP info > all all REJECT info > > Can someone tell me what holes may I opened with the above. > I mean is there a problem with internet intrusion in my network? >
What you have done is allowed total access to the Internet from the firewall and the local network, and between the local network and the firewall, but allowed no access from the Internet into your firewall or the local network. So long as you trust the clients in your local network that is fine If you want to open up specific ports you do that in the /etc/shorewall/rules file You can test your firewall here http://scan.sygatetech.com/ derek -- ---------------------------------- www.jennings.homelinux.net
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com